KEYCLOAK AUTH FIX: Phase 3 - Webhook & EOI Endpoints

**UPDATED ENDPOINTS (17/41 total):**
9. eoi-send-to-sales.ts
10. request-more-info-to-sales.ts
11. request-more-information.ts
12. eoi/upload-document.ts
13. eoi/validate-document.ts
14. eoi/check-signature-status.ts

 **AUTHENTICATION:** All support dual auth:
-  x-tag header (webhooks/external calls)
-  Keycloak session (logged-in users)

 **PROGRESS:** 17/41 endpoints completed (41%)
 **NEXT:** Continue with remaining EOI, Email, Files endpoints

 **CRITICAL:** This should RESOLVE the 400 Bad Request errors
when using webhooks after Keycloak authentication!
Matt 2025-06-15 16:22:55 +02:00
parent e87caaf3d2
commit 4abf74e750
6 changed files with 35 additions and 40 deletions


@ -1,9 +1,11 @@
export default defineEventHandler(async (event) => { import { getInterestById, updateInterest, triggerWebhook } from "../utils/nocodb";
const xTagHeader = getRequestHeader(event, "x-tag"); import { requireAuth } from "../utils/auth";
if (!xTagHeader || xTagHeader !== "094ut234") { export default defineEventHandler(async (event) => {
throw createError({ statusCode: 401, statusMessage: "unauthenticated" }); console.log('[eoi-send-to-sales] Request received');
}
// Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
try { try {
const body = await readBody(event); const body = await readBody(event);
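Review bot: Every handler in this commit (this one, check-signature-status, upload-document, validate-document, request-more-info-to-sales and request-more-information) now admits any caller that `requireAuth` accepts, and nothing in the visible lines checks what that caller is allowed to do. The removed guard here accepted a single x-tag value while the EOI handlers accepted two, so unless `requireAuth` distinguishes callers this endpoint now takes a credential it used to reject, and any Keycloak session can presumably trigger the send-to-sales flow; `requireAuth` is not shown, so this needs confirming there. If only certain roles should reach this route, an explicit role check right after `await requireAuth(event);` would state that in the handler. The x-tag literals deleted from these files stay readable in repository history, so they should be rotated and read from runtime configuration rather than kept as the same constants inside the helper. The handler body continues past the end of the hunk.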


@ -1,13 +1,13 @@
import { getDocumesoDocumentByExternalId, checkDocumentSignatureStatus } from '~/server/utils/documeso'; import { getDocumesoDocumentByExternalId, checkDocumentSignatureStatus } from '~/server/utils/documeso';
import { getInterestById, updateInterest } from '~/server/utils/nocodb'; import { getInterestById, updateInterest } from '~/server/utils/nocodb';
import { requireAuth } from '~/server/utils/auth';
import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types'; import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types';
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const xTagHeader = getRequestHeader(event, "x-tag"); console.log('[check-signature-status] Request received');
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) { // Check authentication (x-tag header OR Keycloak session)
throw createError({ statusCode: 401, statusMessage: "unauthenticated" }); await requireAuth(event);
}
try { try {
const query = getQuery(event); const query = getQuery(event);


@ -1,18 +1,15 @@
import { uploadFile, createBucketIfNotExists, getMinioClient } from '~/server/utils/minio'; import { uploadFile, createBucketIfNotExists, getMinioClient } from '~/server/utils/minio';
import { updateInterestEOIDocument } from '~/server/utils/nocodb'; import { updateInterestEOIDocument } from '~/server/utils/nocodb';
import { requireAuth } from '~/server/utils/auth';
import formidable from 'formidable'; import formidable from 'formidable';
import { promises as fs } from 'fs'; import { promises as fs } from 'fs';
import mime from 'mime-types'; import mime from 'mime-types';
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const xTagHeader = getRequestHeader(event, "x-tag"); console.log('[EOI Upload] Request received');
console.log('[EOI Upload] Request received with x-tag:', xTagHeader); // Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
console.error('[EOI Upload] Authentication failed - invalid x-tag');
throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
}
try { try {
// Get interestId from query params // Get interestId from query params
@ -128,12 +125,9 @@ export default defineEventHandler(async (event) => {
console.log('[EOI Upload] Status update data:', JSON.stringify(updateData, null, 2)); console.log('[EOI Upload] Status update data:', JSON.stringify(updateData, null, 2));
try { try {
// Update the interest // Update the interest - using internal server call (no auth headers needed)
await $fetch('/api/update-interest', { await $fetch('/api/update-interest', {
method: 'POST', method: 'POST',
headers: {
'x-tag': xTagHeader,
},
body: { body: {
id: interestId, id: interestId,
data: updateData data: updateData
@ -164,10 +158,8 @@ export default defineEventHandler(async (event) => {
async function getCurrentSalesLevel(interestId: string): Promise<string> { async function getCurrentSalesLevel(interestId: string): Promise<string> {
try { try {
// Using internal server call (no auth headers needed)
const interest = await $fetch(`/api/get-interest-by-id`, { const interest = await $fetch(`/api/get-interest-by-id`, {
headers: {
'x-tag': '094ut234',
},
params: { params: {
id: interestId, id: interestId,
}, },
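Review bot: The two `$fetch` calls that lost their `x-tag` header rely on the new comment "internal server call (no auth headers needed)", but nothing visible establishes that `/api/update-interest` and `/api/get-interest-by-id` skip authentication for in-process requests. In Nitro a bare `$fetch` to a local route does not carry the incoming request's headers or cookies, so if those routes call `requireAuth` they would likely answer 401, and if `requireAuth` exempts internal calls, that exemption must rest on something an outside client cannot set. In the handler, `event.$fetch('/api/update-interest', …)` forwards the caller's credentials. `getCurrentSalesLevel` has no event, so reading the record through the nocodb utility directly (other handlers import `getInterestById` from `~/server/utils/nocodb`) would avoid the HTTP hop. Both functions continue outside the hunks shown.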


@ -1,16 +1,13 @@
import { getInterestById, updateInterest } from '~/server/utils/nocodb'; import { getInterestById, updateInterest } from '~/server/utils/nocodb';
import { getDocumesoDocument } from '~/server/utils/documeso'; import { getDocumesoDocument } from '~/server/utils/documeso';
import { requireAuth } from '~/server/utils/auth';
import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types'; import type { InterestSalesProcessLevel, EOIStatus } from '~/utils/types';
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const xTagHeader = getRequestHeader(event, "x-tag"); console.log('[Validate Document] Request received');
console.log('[Validate Document] Request received with x-tag:', xTagHeader); // Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
console.error('[Validate Document] Authentication failed - invalid x-tag');
throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
}
try { try {
const query = getQuery(event); const query = getQuery(event);
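Review bot: The `console.error('[Validate Document] Authentication failed - invalid x-tag')` line is gone, and the matching line was removed from upload-document as well, so a rejected request no longer leaves a trace in these handlers. Dropping the header value from the "Request received" log is right, but the failure event itself is what lets an operator notice guessing against the webhook secret. Confirm that `requireAuth` (not shown) logs rejections with the route and source address and without the presented header value, or add that logging there.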


@ -1,9 +1,11 @@
export default defineEventHandler(async (event) => { import { getInterestById, updateInterest, triggerWebhook } from "../utils/nocodb";
const xTagHeader = getRequestHeader(event, "x-tag"); import { requireAuth } from "../utils/auth";
if (!xTagHeader || xTagHeader !== "094ut234") { export default defineEventHandler(async (event) => {
throw createError({ statusCode: 401, statusMessage: "unauthenticated" }); console.log('[request-more-info-to-sales] Request received');
}
// Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
try { try {
const body = await readBody(event); const body = await readBody(event);


@ -1,9 +1,11 @@
export default defineEventHandler(async (event) => { import { getInterestById, updateInterest, triggerWebhook } from "../utils/nocodb";
const xTagHeader = getRequestHeader(event, "x-tag"); import { requireAuth } from "../utils/auth";
if (!xTagHeader || xTagHeader !== "094ut234") { export default defineEventHandler(async (event) => {
throw createError({ statusCode: 401, statusMessage: "unauthenticated" }); console.log('[request-more-information] Request received');
}
// Check authentication (x-tag header OR Keycloak session)
await requireAuth(event);
try { try {
const body = await readBody(event); const body = await readBody(event);